Consulting News

CISO Magazine Honors KrebsOnSecurity

10 Dec 19: CISO Magazine, a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “Cybersecurity Person of the Year” in its December 2019 issue. KrebsOnSecurity is grateful for the

Three-peat: Intercept X wins Best Endpoint Security again

Famous “three-peats”: 1962-1964 Toronto Maple Leafs; 1972-1974 Oakland A’s; 1996-1998 Chicago Bulls; 1998-2000 Yankees; 2000-2002 LA Lakers; 2007-2009 Manchester United; 2017-2019 Sophos Intercept X. In November, CRN®, a brand of The Channel Company, named Sophos as the best endpoint security

Reforming CDA 230

There’s a serious debate on reforming Section 230 of the Communications Decency Act. I am in the process of figuring out what I believe, and this is more a place to put resources and listen to people’s comments. The EFF has written extensively on

Ransomware: the cyberthreat that just won’t die

Thirty years on from the world’s first attack, ransomware is stronger than ever. Cybercriminals continue to evolve their tactics and techniques, taking advantage of changes in technology and society to refine their approach. The result: highly advanced, highly complex threats that can bring organizations to their knees.

Snatch ransomware reboots PCs into Safe Mode to bypass protection

The Sophos Managed Threat Response (MTR) team and SophosLabs researchers have been investigating an ongoing series of ransomware attacks in which the ransomware executable forces the Windows machine to reboot into Safe Mode before beginning the encryption process. The attackers may be using this technique to circumvent

9th December – Threat Intelligence Bulletin

December 9, 2019. For the latest discoveries in cyber research for the week of 2nd December 2019, please download our Threat Intelligence bulletin. TOP ATTACKS AND BREACHES: The Vietnam-linked APT group Ocean Lotus has breached networks of the car manufacturers BMW and Hyundai. The group, previously linked

Now for everyone: Tap into SophosLabs expertise via an API analysis tool

Today, for once, something interesting on our own behalf: this week Sophos announced the launch of SophosLabs Intelix. The cloud-based threat intelligence and analysis platform enables users to design more secure applications. Programmers have access to the Intelix platform via APIs so that, with up-to-date cyber-threat know-how, files, URLs and

Knowledge is power: A compendium on the top IT security topic of ransomware

Sophos has published a new issue in its English-language series of “Playbooks for Defenders”. Under the title “How Ransomware Attacks”, SophosLabs describes in detail how different ransomware variants attack their victims and which precautions should be taken for protection. The compendium is aimed specifically at IT and security professionals

Failure Modes in Machine Learning

About Bruce Schneier: I am a public-interest technologist, working at the intersection of security, technology, and people. I’ve been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I’m a fellow and lecturer at Harvard’s Kennedy School and a board

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

07 Dec 19: A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their

Friday Squid Blogging: Squidfall Safety

Table A. Turn • December 6, 2019 5:48 PM NSA Phone Surveillance Program Faces an End as Parties Come Together Eighteen years after George W. Bush [1] and the National Security Agency began secretly and warrantlessly collecting the phone records of every American, the House of Representatives

SophosLabs Intelix: Threat intelligence APIs for everyone

Each and every Sophos product leverages a broad line-up of SophosLabs technologies – from machine learning models to URL categorization – all to augment themselves with the latest in threat intelligence and threat analysis. Historically, these technologies were only available to our internal product

Andy Ellis on Risk Assessment

Clive Robinson • December 6, 2019 3:39 PM @ Bruce, “The problem is our brains are intuitively suited to the sorts of risk management decisions endemic to living in small family groups in the East African highlands in 100,000 BC, and not to living in the New

Apple Explains Mysterious iPhone 11 Location Requests

05 Dec 19: KrebsOnSecurity ran a story this week that puzzled over Apple’s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all

Election Machine Insecurity Story

Interesting story of a flawed computer voting machine and a paper ballot available for recount. All ended well, but only because of that paper backup. Vote totals in a Northampton County judge’s race showed one candidate, Abe Kassis, a Democrat, had just 164

Incident Response Casefile – A successful BEC leveraging lookalike domains

December 5, 2019. By Matan Ben David, Incident Response Analyst. Imagine that you’re the owner of a startup and waiting for a million-dollar seed round of funding, only it never shows up in your bank account. Or imagine you’re the head of a venture capital firm who

Becoming a Tech Policy Activist

Carolyn McCarthy gave an excellent TEDx talk about becoming a tech policy activist. It’s a powerful call for public-interest technologists. Tags: activism, policy, public interest. Posted on December 4, 2019 at 6:04 AM.

The iPhone 11 Pro’s Location Data Puzzler

03 Dec 19: One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this

Know where your VPC traffic is going

When securing VPC traffic we all want a simple, sure-fire route to ensure we don’t accidentally make a private subnet public. The challenge we face, however, is that it’s been too easy to do just that – with route tables in a VPC that can only be